Cyber deception technology has recently gained the spotlight as a key defensive weapon in the enterprise cybersecurity arsenal.

I thought that sharing my story might be helpful or interesting to some people who feel like I used to.

I'm crowdsourcing my quest for mapping methods.

Here are some facts and common misconceptions about SSE solutions.

I've been inspired to think hard about what I'd like to do in 2023.

Here are four emerging cybersecurity threats and suggestions for defending against them. Higher education institutions can expect to encounter some or all of these threats soon.

Let's take a look at the most common forms of wireless network attacks and specific types within each category, and then talk about how to prevent them.

One of my hobbies is collecting mangled auto-transcriptions. I call it Transcription Zen.

Organizations are increasingly at risk of cyber supply chain compromise, whether intentional or unintentional. Cyber supply chain risks include counterfeiting, unauthorized production, tampering, theft, and insertion of unexpected software and hardware. Managing these risks requires ensuring the integrity of the cyber supply chain and its products and services. This project demonstrates how organizations can verify that the internal components of the computing devices they acquire, whether laptops or servers, are genuine and have not been tampered with. This solution relies on device vendors storing information within each device, and organizations using a combination of commercial off-the-shelf and open-source tools that work together to validate the stored information. This NIST Cybersecurity Practice Guide describes the work performed to build and test the full solution.

Draft NIST IR 8278Ar1, National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers, instructs OLIR Developers – the subject matter experts who create OLIRs – on how to complete an OLIR Template when submitting an OLIR to NIST for inclusion in the OLIR Catalog.

Draft NIST IR 8278r1, National Online Informative References (OLIR) Program: Overview, Benefits, and Use, describes the OLIR Program, including what OLIRs are, what benefits they provide, and how anyone can access and use OLIRs.

A quick intro to who I am and what I've done

I've been writing nonstop since the year 2000, but I've never blogged...until now!

Vulnerability scanning tools enable organizations to search for and discover potential weaknesses within their environment. Such tools have changed since debuting about 30 years ago. In the beginning, there were two basic types of vulnerability scanners. One scanned the internal network to find hosts on the network, determine what network ports were open and potentially "fingerprint" each host by studying its network behavior to pinpoint its OS and OS version. The other type of vulnerability sc

DevOps brings together software development and operations to shorten development cycles, allow organizations to be agile, and maintain the pace of innovation while taking advantage of cloud-native technology and practices. Industry and government have fully embraced and are rapidly implementing these practices to develop and deploy software in operational environments, often without a full understanding and consideration of security. Also, most software today relies on one or more third-party components, yet organizations often have little or no visibility into and understanding of how these components are developed, integrated, deployed, and maintained, as well as the practices used to ensure the components’ security. To help improve the security of DevOps practices, the NCCoE is planning a DevSecOps project that will focus initially on developing and documenting an applied risk-based approach and recommendations for secure DevOps and software supply chain practices consistent with the Secure Software Development Framework (SSDF), Cybersecurity Supply Chain Risk Management (C-SCRM), and other NIST, government, and industry guidance. This project will apply these DevSecOps practices in proof-of-concept use case scenarios that will each be specific to a technology, programming language, and industry sector. Both closed source (proprietary) and open source technology will be used to demonstrate the use cases. This project will result in a freely available NIST Cybersecurity Practice Guide.

Everyone seems to agree that passwords and password management are a pain. Many universities have adopted multifactor authentication, but MFA still requires the use of passwords. Organizations adopting zero-trust security measures may want to look for something stronger. Passwordless authentication is MFA without a password. Instead, it uses biometric verification, cryptographic keys and other types of authentication factors frequently supported by existing devices. Companies such as Microsoft, Apple and Google already support these standards in their products and services. Here are four things university IT leaders should keep in mind when considering whether to adopt passwordless authentication.

Most universities have incident response playbooks, but these plans are often taken for granted. With so many cybersecurity and technology issues to tackle, IT shops sometimes create incident response plans, then forget about them. That could be a big mistake. A university’s incident response playbook is the most important foundational document driving its incident response management activities. Outdated plans and plans that don’t reflect your current approach to incident handling can slow the detection of complex threats and data breaches, allowing preventable damage to occur and delaying the restoration of normal operations. Up-to-date, robust incident response plans also are often required to obtain cyber insurance. Whether you want to make sure your existing plan still meets your university’s needs or you’re looking to create a new incident response plan, here’s what you need to know about what it should contain and how it should be implemented.

Ready or not, zero trust is coming to your agency soon. The Office of Management and Budget’s Memorandum M-22-09, “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles,” indicates that all federal agencies must “achieve specific zero trust security goals by the end of Fiscal Year 2024.” There are two foundational parts of zero trust. The first is knowing what data and other digital assets you have and where they are. The other is knowing who and what (e.g., cloud-based services) can access each of those assets.

A cybersecurity strategy is a high-level plan for how your organization will secure its assets during the next three to five years. Obviously, because technology and cyber threats can both change unpredictably, you'll almost certainly have to update your strategy sooner than three years from now. A cybersecurity strategy isn't meant to be perfect; it's a strongly educated guess as to what you should do. Your strategy should evolve as your organization and the world around you evolve. The intend

The acquisition and unauthorized use of hardware, software, services and media by users or groups within an organization is known as shadow IT -- and it's a rampant trend across companies. Shadow IT often occurs because people want to use the devices and apps they like and are comfortable with rather than the ones available from IT -- and they perceive the IT department as an obstacle or source of delay if they want to get preferred devices and apps approved. Unfortunately, IT departments can'